CyberLaw Blog

Archive for the ‘cybercrime’ Category

Worm strikes Commons computer network

Parliamentary computers have been infected by the Conficker worm, like an estimated 10m PCs worldwide – and experts fear next week will see problems worsen

The House of Commons internal computer network has been infected by the ‘Conficker’ worm that has also infected millions of Windows PCs around the world, and has had to ban its users from attaching outside storage – such as USB ‘memory sticks’ – in case it gets reinfected.

The revelation is an embarrassment for the organisation running the network, which contains nearly 1,000 computers, because Microsoft issued a fix for the weakness that leaves PCs vulnerable in October – meaning that they have been lax in applying necessary security fixes. MessageLabs, owned by Symantec, is understood to be responsible for the antivirus and antispam filtering of communications with the network.

A memo sent out in the House of Commons network on Tuesday night warned that ‘the Parliamentary network has been affected by a virus known as conficker. This virus affects users by slowing down the Network and by locking out some accounts.’ It instructs users to leave computers turned on – so that they can have the malware removed – and that unauthorised computers be removed from the network.

Memory sticks, which can be used to transfer the worm accidentally between computer networks, have also been banned while the system is cleansed.

None of MessageLabs, the Parliamentary Information Communications and Technology helpdesk or a spokeswoman nominated by PICT had responded to requests for comment when this story was filed.

Security experts are meanwhile trying to work out whether the Conficker worm, which has infected roughly 10m Windows PCs around the world, will devastate the internet on 1 April, when it is due to seek out an update to its controlling software from the unknown group that wrote the original infecting code.

Antivirus companies have managed to decode enough of the code of the program – also known as ‘downadup’ – to realise that from next Wednesday it will start to check 50,000 randomly-named domains which might be registered in any one 110 different countries, seeking one site that will have been set up to issue it with new instructions.

That marks a step up from earlier versions of the worm, which used to check 250 sites per day – but which was defeated because in an unprecedented effort, a multinational industry security team managed to block all of the potential domains, including a number in China.

The fears are that the update might instruct the infected machines to start an all-out attack on major sites such as Google, Yahoo or Amazon – all of which have been targets of ‘denial of service’ attacks by large groups of infected computers, known as ‘botnets’, in the past.

But it is more likely that the computers will simply get updated orders to carry on sending out spam emails, or hosting ‘phishing’ sites – which look like official bank or credit card sites but are fake, and collect information to send to the botnet’s owner.

The worm seems to have been developed by Chinese hackers, but its purpose is not clear. It has spread to millions of PCs, often in corporate organisations, by exploiting a flaw in older versions of Microsoft’s Internet Explorer browser.

In February, Microsoft put a $250,000 bounty on the head of the writer, or writers, of Conficker: ‘The Conficker worm is a criminal attack. People who write this malware have to be held accountable,’ said George Stathakopoulos, of Microsoft’s Trustworthy Computing Group.

‘We don’t know who’s behind this worm, but they seem to be pretty professional in what they do,’ noted F-Secure, one of the antivirus companies that was first to spot the worm. The worm uses a cryptographic system called the MD6 hash algorithm, which encodes its content using a secure new system that has proven impossible for antivirus teams to break.

But others think it will be less dramatic. ‘What happens on April Fool’s day is anyone’s guess,’ noted Vinoo Thomas of McAfee. ‘But what have we learnt from history? From the days of [the] Michelangelo [virus, in 1992] to the recent Blaster, SoBig, Sober and Kamasutra worms, the hype surrounding the activation or payload dates of major Internet worms have only turned out to be damn squibs.’

Rick Wesson, of the industry team that has built up around efforts to defeat Conficker, thinks that its legacy may turn out to be positive: because it has forced different countries to work together, it has created the first forms of a worldwide cyber security system. ‘No matter what happens with Conficker, it’s created something here….a beautiful opportunity to bring cyber security to the kitchen table,’ he told the Washington Post.

(Via Latest news, sport, business, comment and reviews from the Guardian | guardian.co.uk.)

UK cybercrime unit to meet IT leaders: “

Cleaning up the mean online streets

The newly-established Police Central e-crime unit (PCeU) has scheduled a meeting with UK business later this month.…

“

(Via The Register – Public Sector.)

25 Most Shocking Crimes in Social Media History | Masters in Criminal Justice: “25 Most Shocking Crimes in Social Media History

By Laura Milligan

The popularity and near necessity of social media sites has grown tremendously in the last few years, helping small businesses make connections, giving freelancers and students the chance to network with people they’d never be able to meet otherwise, and allow a place for all kinds of interest groups to chat and make friends online–from gardeners to book lovers to sports junkies. There is a dangerous and corrupt side to social media creators and users; however, and the ability to create fake profiles and violate privacy and copyright rules is still more than possible. Read below for 25 of the most shocking crimes in social media history.

Cybercrime threat rising sharply: “The threat of cybercrime is rising rapidly and attacks can threaten whole economies, warn experts at the World Economic Forum.”

(Via BBC News.)

EU cybercrime strategy backs law enforcement Trojan: “

Remote searches? Nein danke

Remote searches of suspects’ computers could become a mainstay of cybercrime investigations under a new EU strategy announced last week.…

“

(Via The Register – Public Sector.)

BBC News: EU to search out cyber criminals

1 December, 2008

Remote searches of suspect computers will form part of an EU plan to tackle hi-tech crime.

The five-year action plan will take steps to combat the growth in cyber theft and the machines used to spread spam and other malicious programs.

It will also encourage better sharing of data among European police forces to track down and prosecute criminals.

Europol will co-ordinate the investigative work and also issue alerts about cyber crime sprees.

Data share

The five-year plan won the backing of the EU ministers at a meeting which also granted 300,000 euros (£250,000) to Europol to create the system to pool crime reports and issue alerts about emerging threats.

The ministerial meeting also backed the anti-cyber crime strategy that will see the creation of cross-border investigation teams and sanction the use of virtual patrols to police some areas of the net.

Other “practical measures” include encouraging better sharing of information between police forces in member nations and private companies on investigative methods and trends.

In particular the strategy aims to tackle the trade in images of children being sexually abused. In a statement outlining the strategy the EU claimed “half of all internet crime involves the production, distribution and sale of child pornography”.

Forces will also take part in “remote searches” and patrol online to track down criminals. The EU said controls were in place to ensure that data protection laws were not breached as this information was gathered and shared.

“The strategy encourages the much needed operational cooperation and information exchange between the Member States,” said EC vice-president Jacques Barrot in a statement.

“If the strategy is to make the fight against cyber crime more efficient, all stakeholders have to be fully committed to its implementation,” he added.

Lori Drew guilty in MySpace bully trial: “The woman accused of using MySpace to bully a vulnerable teenage girl who subsequently killed herself has been found guilty of three charges.”

(Via OUT-LAW News.)

Online fraudsters ’steal £3.3bn’: “Internet fraudsters have stolen credit and debit cards with a value of more than £3.3bn, research suggests.”

(Via BBC News.)

First cyber-bullying trial hears how Megan Meier, 13, killed herself after online taunts: “Tech
Central: is lying in cyberspace a federal offence?”

(Via Tech and Web from Times Online.)

Denial of Service and distributing hacking tools finally criminalised: “A law criminalising denial of service attacks and the supply of hacking tools has been brought into force in England and Wales after a number of delays. The law was already in force in Scotland.”

(Via OUT-LAW News.)